iPhone app iPad app Android phone app Android tablet app More

Apple Security: Products Surprisingly Vulnerable, Studies Find

The Huffington Post  |  By Posted: 04/20/2012 5:43 pm Updated: 04/20/2012 11:41 pm

Inspiring
 Funny
 Obsolete
 Scary
 Must-Have
 Amazing
 Innovative
 Nerdy
Apple Security

Alright, Apple fans, it's time to face the truth: Your Macs aren't as safe as you might think.

According to PCWorld, a report recently released by Internet security firm Trend Micro shows that Apple posted the highest number of reported security vulnerabilities during the first three months of 2012, leading all other OS and software vendors with 91 vulnerabilities.

LOOK:

In addition, Apple issued a record-breaking number of patches to its Safari 5 web browser this past March. Computerworld reported that the month saw 83 vulnerabilities, which the company hoped to fix with a browser update.

Perhaps the biggest security problem Apple has faced in the last several months was the spread of malware like the Mac Flashback trojan and, more recently, the Sabpab trojan, both of which took advantage of vulnerabilities in Java software.

On April 13, Apple released a Java update (the third in just nine days) meant to both patch up said vulnerabilities and remove variants of the Flashback malware. According to Forbes, this update should also help protect Mac users from the Sabpab trojan; however, those who have installed the update should still be wary. Graham Cluley, a senior technology consultant at computer security firm Sophos, recently reported that a new version of the Sabpab trojan is "exploiting malformed Word documents," rather than relying upon Java vulnerabilities for entry into a victim's computer.

While it's unclear how many Macs have been infected with the Sabpab trojan, those infected with the Flashback trojan -- which had previously spread to more than 600,000 devices across the world -- has recently decreased to around 30,000, IT security company Kaspersky Lab told Ars Technica.

According to Ars, in an April 19 press conference, Kaspersky Lab researchers stressed the importance of anti-malware software for Mac users and explained that "Mac OS X invulnerability is a myth."

In addition, Ars explained that, according to Kaspersky Lab, Mac malware has recently increased due to "a critical increase in Mac market share."

"Market share brings attacker motivation," Kaspersky Lab researchers said, as reported by Ars. "Expect more drive-by downloads, more Mac OS X mass-malware. Expect cross-platform exploit kits with Mac-specific exploits."

Cluley added his own words of wisdom to the end of his report on the Sabpab trojan: "It's time for Mac users to wake up and smell the coffee. Mac malware is becoming a genuine issue, and cannot be ignored any longer."

Have you secured your Mac against malicious software? If not, what steps will you take to protect your Apple device? Share your thoughts with us below!

Related on HuffPost:

FOLLOW TECH

From our partners


Alright, Apple fans, it's time to face the truth: Your Macs aren't as safe as you might think. According to PCWorld, a report recently released by Internet security firm ...
Alright, Apple fans, it's time to face the truth: Your Macs aren't as safe as you might think. According to PCWorld, a report recently released by Internet security firm ...
Related News On Huffington Post:
 

 
 
  • Comments
  • 614
  • Pending Comments
  • 0
  • View FAQ
Post Comment Preview Comment
To reply to a Comment: Click "Reply" at the bottom of the comment; after being approved your comment will appear directly underneath the comment you replied to.
View All
Favorites
Recency  | 
Popularity
Page: 1 2 3 4 5  Next ›  Last »  (9 total)
photo
HUFFPOST SUPER USER
g4dualie
Stop Supporting Flash. Adobe did!
72 Fans
07:15 PM on 04/25/2012
Courteney, please stop writing about Macintosh security.

There's a spike in Mac figures, alright. But, instead of talking about how it took Apple 27-years to sell 60-million Macs and only two-years to sell that many iPads is the story you should have wrote.

Write about iPods and music and pictures and lovely stories, but please, stay out of Macintosh.

Until you come to grips with your sources (PC World?) and their own agenda (who owns Trend Micro?), you can't come in here with their news, their stories and tales, and present them as findings of fact that would interest veteran Mac users.

Don't forget, the majority of your audience's first exposure to Apple, was through iPod.

Apple sold 4 million Macs in the last 90-days! 2-million of them were sold to first-time buyers! Of the 2-million who bought new Macs, how many of them are thinking, after reading your article, they should have just stayed with Windows; here comes all those nasty viruses we thought we were leaving behind!

You ended your article with more questions than answers! Why? Why didn't you at least link to Apple's own wealth of resources to better inform your readership?

Comparing Apple's dilemma with this particular malware and the climate of war that permeates every aspect of the Windows-using world is redonkulous.

In a Windows world, security is a lifestyle. On Macintosh, it's the way of life.
Permalink  |
photo
HUFFPOST SUPER USER
Zirnitra
Knowledge is power.
55 Fans
11:53 AM on 04/23/2012
I'm still quite the apple fan. My brother used the same computer for five years before it broke down (and he bought it used), and while the Mac isn't perfect, it's better for me than PCs.
Permalink  |
photo
HUFFPOST SUPER USER
Ichigo Kurosaki
Why do Republicans hate America so much?
259 Fans
 
09:26 AM on 04/23/2012
"Apple posted the highest number of reported security vulnerabilities during the first three months of 2012, leading all other OS and software vendors with 91 vulnerabilities."

I've known THAT for more than 10 years.

Because of that knowledge, I am well-positioned to profit when the iZombies come crawling for security software for their precious "invulnerable" computers and they WILL pay. One way, or another.
Permalink  |
Squidkid
30 Fans
10:04 AM on 04/23/2012
Wow. In 2002 you knew that in 2012, Apple would post the highest number of reported security vulnerabilities? That's pretty amazing.
Permalink  |
photo
HUFFPOST SUPER USER
Ichigo Kurosaki
Why do Republicans hate America so much?
259 Fans
 
01:15 PM on 04/23/2012
MacOS's vulnerabilities have been around since MacOS 5. Apple refuses to plug the holes. Apple has been very reluctant to even admit the vulnerabilities even exist.
Permalink  |
photo
HUFFPOST SUPER USER
g4dualie
Stop Supporting Flash. Adobe did!
72 Fans
07:49 PM on 04/25/2012
"Because of that knowledge, I am well-positioned to profit when the iZombies come crawling for security software for their precious "invulnerable" computers and they WILL pay. One way, or another."

ooohh. you sound dangerous. would you have my baby?
Permalink  |
photo
HUFFPOST SUPER USER
Ichigo Kurosaki
Why do Republicans hate America so much?
259 Fans
 
01:07 PM on 04/26/2012
Silence, oh bigoted iZombie. You use many words, but say nothing. Go crawl back under your bridge and eat billy goats. Leave the deep thinking to those of us who have the hardware for such complex tasks.
Permalink  |
billswan173
187 Fans
03:45 AM on 04/23/2012
I had a die hard mac user, he bought an original mac when they came out in 84, tell me that OSX doesn't get viruses. I laughed, guess ignorance is bliss.
Permalink  |
photo
HUFFPOST SUPER USER
g4dualie
Stop Supporting Flash. Adobe did!
72 Fans
06:39 PM on 04/25/2012
OS X doesn't get viruses. Probably never will, either.

The fact is, when Apple moved up to a modern operating system, with hierarchical access and individual accounts, it pretty much closed off any progress up to that point to undermine the Macintosh platform.
Permalink  |
photo
HUFFPOST SUPER USER
RealityMyFriend
264 Fans
11:38 PM on 04/22/2012
Mac fan here - NOTHING is secure duh!! However the US eletric grid, nuke plants, IRS are all connected to the intenet. This mac user has bigger things to worry about. Just don't be stupid connecting to networks and surfing.
Permalink  |
billswan173
187 Fans
03:05 AM on 04/23/2012
Same thing for windows users.
Permalink  |
photo
bryanzth
Honest to Goodness USA Patriot!
2998 Fans
08:14 PM on 04/22/2012
First question on this thread is about the picture with the silhouette in front of the Apple logo. What does the picture s'posed to mean, and what is the meaning of the silhouette? ;o)

BZ.
Permalink  |
justwhendoesitend
230 Fans
06:25 PM on 04/22/2012
This is in the realm of my expertise over last 31 years. I am not going to get into arguments, it seems to me 99% of the folks on HP have no real idea of technical details of security on any platform and can not be discussed or understood. There are plenty of other sites for the details. You can go there to start to learn security. At the very large company I work for, we are forever cleaning up our clients machines and no amount of warning, instruction seems to prevent the majority of issues which are human mistakes. Makes us a lot of money.

My points are two. First is that no OS or machine is 100% defect free. Second this article is written like the trash from England tabloid machines. Just something that causes hits for advertising. It covers a topic that produces interest, 517 comments.....

Some folks have an argument that attacks happen less to Apple because of market size is true and that could apply to any non-windows platform. We all are very aware that Microsoft has such a bad track record it spawned a multi-billion dollar security software industry.

As far as superiority of one OS over another, well seems folks just want to throw mud. Just like politics and religion. For some out there is religion. Not worth discussing in this forum. But this article is just sensationalizing the recent episodes with Apple and security.
Permalink  |
OhioPoBoy
25 Fans
07:43 PM on 04/22/2012
Worked professionally in production environment with both Mac & Windows (from DOS thru Vista) for 26 years, and agree with this. I've had hundreds of major security problem with Microsoft iterations, ZERO with Macs. I ran scans on all equipment when this rumor came out. I contacted my fellow professionals, our local Mac club, numerous others and no one had found this alleged infection. Now, there are hundreds of thousands of "hackintosh" computers in the world that do NOT get upgrades and security fixes automatically. The crap that Mac does not have problems is just that. But Apple sends regular fixes and upgrades. To install a Trojan, you have to either be where you should not be (pron, gambling, phishing scams) or you are so dumb, you agree to hurt yourself. But THINK where all this hype is coming from, a Russian security company that makes money on making people buy their security scam. Consider the source.
Permalink  |
tcpcat
18 Fans
06:17 PM on 04/22/2012
Mac books aren't bad . It just that there product are over priced
Permalink  |
photo
HUFFPOST SUPER USER
g4dualie
Stop Supporting Flash. Adobe did!
72 Fans
06:12 PM on 04/25/2012
No, they're not overpriced, they're out of your budget. Get off the price issue already. This isn't 1995 anymore.
Permalink  |
tcpcat
18 Fans
07:06 PM on 04/25/2012
really man you can get something better for less. You really don't need a apple product . Spread the word.
Permalink  |
TomCinIllinois
763 Fans
03:51 PM on 04/22/2012
Intel is working on computer chips that are more resistant to malware by design. This should be helpful to owners of future machines of all operating systems.
Permalink  |
photo
HUFFPOST SUPER USER
ResearchtheFacts
Alert, awake & paying attention to the details.
2454 Fans
04:57 PM on 04/22/2012
TPMs?
Permalink  |
photo
HUFFPOST SUPER USER
g4dualie
Stop Supporting Flash. Adobe did!
72 Fans
07:23 PM on 04/25/2012
No, TSRs.
Permalink  |
tcpcat
18 Fans
06:18 PM on 04/22/2012
Yaaa!
Permalink  |
photo
gfdgary
25 Fans
02:01 PM on 04/22/2012
Mac users have for years boasted about their security and mocked Window PC users about security. Shows how ignorant and how they lived in the 'bubble' they made of being superior in terms of Mac attacks. Well, you've been told for years it is just a matter of time as Macs become more popular that hackers would greet you with their gifts. All this time you just boasted on the superior security of a Mac. Touche.
Permalink  |
photo
HUFFPOST SUPER USER
Frank Lee Mydear
21 Fans
02:09 PM on 04/22/2012
Macs still have less than windows and one attack is web/java based which would probably affect windows, too. And also the attack is caused by a Word document, which is still a MS product. The fanboy arrogance on both sides has to stop.
Permalink  |
TomCinIllinois
763 Fans
03:49 PM on 04/22/2012
The vector of attack is irrelevant. The target of the attack is still the problem. If you own a target machine, rather than boast that it isn't Apple's software at fault, you should take steps to protect your machine and your data.
Permalink  |
photo
HUFFPOST SUPER USER
JohnTheMac
Now, why don't you go home and get your shine box?
223 Fans
02:47 PM on 04/22/2012
" you've been told for years it is just a matter of time as Macs become more popular that hackers would greet you with their gifts."

ok, right there... wasn't "all that time" worth something? It's like we're all going to die, it's "just a matter of time". ok, I'd like that 'matter of time' to be a large number.
With Macs, we've enjoyed a long time with no cares.
I've had anti-malware software for years now on my mac.
We have nowhere the magnitude of malware Windows does.
Some people are "lovin' this", as though OSX is at a point where Win95 was, and we will have a 20 year war against cyber crime and hackers. That's far from reality, but it helps assure all the people who chose not to get a mac feel good about that choice.
It's like someone who had a Yugo that broke down once a week, and sufferd with it for years, passing a BMW on the side of the road, with a flat tire, and laughing, "Ha! Glad I didn't waste money on one of those!"
Permalink  |
photo
HUFFPOST SUPER USER
g4dualie
Stop Supporting Flash. Adobe did!
72 Fans
07:30 PM on 04/25/2012
Well said. I especially like the part where you said that twenty-eight years of doing it right, wasn't good enough.

The really salient point though is your allusion to the notion that our malware war is just beginning! LOL.

By the time Macintosh gets a virus, Apple will have shifted the entire world's paradigm about computing in the 20th Century.

It took Apple 28-years to sell 65-million Macs and only 2-years to sell as many iPads! Tell me the desktop isn't dying along with all those countless billions of wasted man-hours lost due to Microsoft's incompetence in security.
Permalink  |
photo
jsarets
1149 Fans
01:27 PM on 04/22/2012
All networked application platform will be vulnerable, at least as long as operating systems support applications written in compiled languages which support naked pointers and unchecked arrays (e.g. C, C++, Objective-C). Java is a safe language in theory, but Flashback exploits a feature of the JRE which allows applications to execute unsafe code by registering it as the "help" program.

The trend in experimental operating system design these days is to run all user threads and the large majority of system threads in a single virtual address space on top of a microkernel which provides a virtual machine, interrupt router, thread scheduler, and physical memory allocator. Memory protection is enforced by the virtual machine's object graph rather than by the processor's page tables.

Examples include Microsoft Midori based on CIL (C# and other .NET dialects), Phantom OS based on JVM (Java, Scala, and other dialects), and Lua OS based on the (brilliant) Lua virtual machine. In addition to reliability and security, these operating system also feature orthogonal persistence, whereby the in-memory object pool is synchronized to mass storage so that all data and state is preserved across reboots without the need for a separate storage abstraction such as files.

Until such next-generation operating systems rescue us from the scourge of unsafe code, the most important concern is the efficiency of the patch cycle. This generation of operating system is always going to subject to exploits. The issue is how quickly they are patched. Several months elapsed between Oracle releasing the Java patch and Apple finally releasing the patch, and Apple has still be unable to push the patch onto many of their machines in the field. This is not good at all.

Contrast this with what Google has done with Chrome. Yes, Chrome has some really sophisticated security features as a matter of course, but its greatest strength is the patch cycle. By default, Chrome downloads and installs updates in the background as soon as they are released, and the update automatically takes effect the next time the browser is started. As a result, the vast majority of all Chrome users are running the most up-to-date and fully-patched version.

Apple has to get their patch cycle in order. Otherwise they're going to be the favorite target of every script kiddie who knows how to look up known exploits in the CVE database.
Permalink  |
photo
HUFFPOST SUPER USER
g4dualie
Stop Supporting Flash. Adobe did!
72 Fans
06:15 PM on 04/25/2012
"Contrast this with what Google has done with Chrome. Yes, Chrome has some really sophisticated security features as a matter of course, but its greatest strength is the patch cycle. By default, Chrome downloads and installs updates in the background as soon as they are released, and the update automatically takes effect the next time the browser is started. As a result, the vast majority of all Chrome users are running the most up-to-date and fully-patched version"

Did you write this last year? Chrome self-updates? Imagine that.

It's too bad Apple hasn't considered deploying that same software update technique; deploying patches remotely as they become available. Google are some crazy bitches!
Permalink  |
EliWiggs
17 Fans
11:38 AM on 04/22/2012
Platform wars are so *YAWN* old and tired.
Permalink  |
photo
HUFFPOST SUPER USER
g4dualie
Stop Supporting Flash. Adobe did!
72 Fans
06:16 PM on 04/25/2012
they sure are, especially when you can't choose sides.
Permalink  |
SangZe
617 Fans
10:17 AM on 04/22/2012
Mac has sold out its customers. Mac is forcing them to upgrade to a system that is simply not as good as Snow Leopard just so they can turn a buck. This is why I am abandoning Mac. I am satisfied with what I have, do not see any reason for any upgrade. I don't have a cell phone or other such device and don't want them. For the most part,I just write and manage photographs. I'm told Mac's Lion will not support my programs and I would lose my numerous photo files. I have had Macs for many years, but I've decided it's time to move on. Screw them.
Permalink  |
photo
HUFFPOST SUPER USER
elicourey
It takes a nation of millions to hold me back!
249 Fans
 
10:27 AM on 04/22/2012
what are you moving to?
Permalink  |
photo
HUFFPOST SUPER USER
ResearchtheFacts
Alert, awake & paying attention to the details.
2454 Fans
05:01 PM on 04/22/2012
Virtual machines, keep it moving. You can't hit a moving target.
Permalink  |
photo
HUFFPOST SUPER USER
g4dualie
Stop Supporting Flash. Adobe did!
72 Fans
06:26 PM on 04/25/2012
He's not going anywhere.

HE DOESN'T OWN A MAC and he never did. The first tell, is SangZe thinks Mac is a company. "Mac is forcing them to upgrade..." blah blah blah.

Everyone of his statements is a Mac-hating PC talking point. If he did own a Mac for many years as he says, surely he would have known by now that Macs are made by fairly popular company whose name comes up in conversation a million times a day.

Why is that so hard to learn?

Macintosh. Designed by Apple, Inc.
Permalink  |
EliWiggs
17 Fans
11:54 AM on 04/22/2012
It's true that Lion does not support Rosseta so pre-Intel Power PC software will not run, but Apple continued to support Power PC software via Rosseta in the next three iterations of OSX after migrating to Intel processors. I think that's fair enough.
I don't know where you got the idea that you would lose photos. That's just not true.
Permalink  |
photo
HUFFPOST SUPER USER
JohnTheMac
Now, why don't you go home and get your shine box?
223 Fans
12:22 PM on 04/22/2012
hey, if that's what the guy thinks, don't you think it's better that he DOES move on? Let Windows people support someone like this.
Permalink  |
photo
NVEd
I love mountains.
1420 Fans
09:15 AM on 04/22/2012
Anyone ever wonder why you never see a Linux distribution referred to in any of these security warning articles? Simple Linux does not have security problems like other OS's.
Permalink  |
photo
HUFFPOST SUPER USER
elicourey
It takes a nation of millions to hold me back!
249 Fans
 
10:27 AM on 04/22/2012
haha, you're saying Linux doesn't get security updates?
Permalink  |
photo
NVEd
I love mountains.
1420 Fans
02:26 PM on 04/22/2012
Sure they do.
Permalink  |
photo
ThePlumber2012
9 Fans
10:33 AM on 04/22/2012
lol, you Linux users always pop up with your unpopular OS that no one cares about.
Permalink  |
photo
NVEd
I love mountains.
1420 Fans
02:29 PM on 04/22/2012
You mean our totally free, go anywhere, do anything OS's. You keep paying for your overpriced Windows and Mac systems plus the extra security to keep them safe. Meanwhile I'll be downloading and installing the latest version of my favorite Linux Os totally free in another week. Who's laughing?
Permalink  |
photo
HUFFPOST SUPER USER
ResearchtheFacts
Alert, awake & paying attention to the details.
2454 Fans
05:05 PM on 04/22/2012
You know now that they are inputting gov tracking software via OTA you might want to rethink that.
Permalink  |
photo
HUFFPOST SUPER USER
kurtvb
Knowledge is Power
313 Fans
 
08:41 AM on 04/22/2012
I have been a MAC user for over a decade. I have not had a problem and I understand why: Market share. No OS is completely safe. But the two malware trojans out there enter through a vulnerability of a third party software, namely Java. As MAC continues to take market share, we will have to see how the company responds and how they add protections to new OSs'. MAC is based on LINUX an UNIX, both OSs that are much more sophisticated than Windows, and it compartmentalizes how programs function with the OS. Windows has integrated so much of its other programs into the OS, that the opportunity to attack it is much greater.

No system is ever "unsinkable" It just depends on how quickly it can be corrected when a problem arises.
Permalink  |
bigotsrunchristianity
96 Fans
12:28 PM on 04/22/2012
This was true of windows xp, but now everything runs in the sandbox.

All windows malware takes advantage of a third party app being installed on a windows box, which takes advantage of an exploit. All OS's are the same, don't kid yourself you are safer.

Windows users undersatand they can be hacked, which adds another level of security, when you think it's hard to hack your box, you are going to take less precautions. Stop spreading the misinformation, ALL OS's can be hacked, take precautions.
Permalink  |
photo
Keith Bowes
61 Fans
01:05 AM on 04/25/2012
I can list mile-long lists of how bash is better than cmd.exe, how much better vi is than notepad, etc. Saying that they're all the same is incredibly naive.
Permalink  |
photo
Keith Bowes
61 Fans
01:03 AM on 04/25/2012
Mac is not based on Linux. It's based mostly on a BSD kernel. They refused to base it on Linux because the GPL wouldn't allow them to have proprietary software.
Permalink  |
 
Page: 1 2 3 4 5  Next ›  Last »  (9 total)